(Tcl) Add a Document Timestamp Signature to an already-signed PDF

See more PDF Signatures Examples

Note: This example requires Chilkat v9.5.0.99 or greater.

Chilkat Tcl Extension Downloads Chilkat Tcl Extension Downloads

load ./chilkat.dll

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set pdf [new_CkPdf]

# Load the PDF that has already been signed.
set success [CkPdf_LoadFile $pdf "qa_data/pdf/helloWorld_signed.pdf"]
if {$success == 0} then {
    puts [CkPdf_lastErrorText $pdf]
    delete_CkPdf $pdf
    exit
}

set json [new_CkJsonObject]

CkJsonObject_UpdateBool $json "invisibleSignature" 1
CkJsonObject_UpdateString $json "subFilter" "/ETSI.RFC3161"

CkJsonObject_UpdateBool $json "timestampToken.enabled" 1

# In this example, we'll use a free TSA server (timestamp.digicert.com), but you may want to use your own timestamp authority server.
CkJsonObject_UpdateString $json "timestampToken.tsaUrl" "http://timestamp.digicert.com"

# If the timestamp server requires a username/password, do the following.  Otherwise omit the following few lines of code.
CkJsonObject_UpdateString $json "timestampToken.tsaUsername" "the_tsa_username"
CkJsonObject_UpdateString $json "timestampToken.tsaPassword" "the_tsa_password"

# When requesting the timestamp token, ask the server to include its certificate in the timestamp token response.
# This allows for the timestamp server's certificate to be included in the LTV validation (i.e. if the timestamp server
# has an OCSP URL, then Chilkat will also do the OCSP request for the timestamp server's certificate.)
CkJsonObject_UpdateBool $json "timestampToken.requestTsaCert" 1

set success [CkPdf_SignPdf $pdf $json "c:/temp/qa_output/helloWorld_signed_2.pdf"]
if {$success == 0} then {
    puts [CkPdf_lastErrorText $pdf]
    delete_CkPdf $pdf
    delete_CkJsonObject $json
    exit
}

puts "Successfully added a Document Timestamp Signature to the PDF"

delete_CkPdf $pdf
delete_CkJsonObject $json